xref: /freebsd/contrib/ntp/ntpd/ntp.keys.html (revision 8ef24a0d4b28fe230e20637f56869cc4148cd2ca)
1<html lang="en">
2<head>
3<title>NTP Symmetric Key</title>
4<meta http-equiv="Content-Type" content="text/html">
5<meta name="description" content="NTP Symmetric Key">
6<meta name="generator" content="makeinfo 4.7">
7<link title="Top" rel="top" href="#Top">
8<link href="http://www.gnu.org/software/texinfo/" rel="generator-home" title="Texinfo Homepage">
9<meta http-equiv="Content-Style-Type" content="text/css">
10<style type="text/css"><!--
11  pre.display { font-family:inherit }
12  pre.format  { font-family:inherit }
13  pre.smalldisplay { font-family:inherit; font-size:smaller }
14  pre.smallformat  { font-family:inherit; font-size:smaller }
15  pre.smallexample { font-size:smaller }
16  pre.smalllisp    { font-size:smaller }
17  span.sc { font-variant:small-caps }
18  span.roman { font-family: serif; font-weight: normal; }
19--></style>
20</head>
21<body>
22<h1 class="settitle">NTP Symmetric Key</h1>
23<div class="node">
24<p><hr>
25<a name="Top"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002ekeys-Description">ntp.keys Description</a>,
26Previous:&nbsp;<a rel="previous" accesskey="p" href="#dir">(dir)</a>,
27Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
28<br>
29</div>
30
31<h2 class="unnumbered">NTP's Symmetric Key File User Manual</h2>
32
33<p>This document describes the symmetric key file for the NTP Project's
34<code>ntpd</code> program.
35
36  <p>This document applies to version 4.2.8p7 of <code>ntp.keys</code>.
37
38  <div class="shortcontents">
39<h2>Short Contents</h2>
40<ul>
41<a href="#Top">NTP's Symmetric Key File User Manual</a>
42</ul>
43</div>
44
45<ul class="menu">
46<li><a accesskey="1" href="#ntp_002ekeys-Description">ntp.keys Description</a>
47<li><a accesskey="2" href="#ntp_002ekeys-Notes">ntp.keys Notes</a>
48</ul>
49
50<div class="node">
51<p><hr>
52<a name="ntp_002ekeys-Description"></a>Previous:&nbsp;<a rel="previous" accesskey="p" href="#Top">Top</a>,
53Up:&nbsp;<a rel="up" accesskey="u" href="#Top">Top</a>
54<br>
55</div>
56
57<!-- node-name,  next,  previous,  up -->
58<h3 class="section">Description</h3>
59
60<p>The name and location of the symmetric key file for <code>ntpd</code> can
61be specified in a configuration file, by default <code>/etc/ntp.keys</code>.
62
63<div class="node">
64<p><hr>
65<a name="ntp_002ekeys-Notes"></a>
66<br>
67</div>
68
69<h3 class="section">Notes about ntp.keys</h3>
70
71<p><a name="index-ntp_002ekeys-1"></a><a name="index-NTP-symmetric-key-file-format-2"></a>
72
73  <p>This document describes the format of an NTP symmetric key file.
74For a description of the use of this type of file, see the
75"Authentication Support"
76section of the
77<code>ntp.conf(5)</code>
78page.
79
80  <p><code>ntpd(8)</code>
81reads its keys from a file specified using the
82<code>-k</code>
83command line option or the
84<code>keys</code>
85statement in the configuration file.
86While key number 0 is fixed by the NTP standard
87(as 56 zero bits)
88and may not be changed,
89one or more keys numbered between 1 and 65534
90may be arbitrarily set in the keys file.
91
92  <p>The key file uses the same comment conventions
93as the configuration file.
94Key entries use a fixed format of the form
95
96<pre class="example">     <kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd> <kbd>opt_IP_list</kbd>
97</pre>
98  <p>where
99<kbd>keyno</kbd>
100is a positive integer (between 1 and 65534),
101<kbd>type</kbd>
102is the message digest algorithm,
103and
104<kbd>key</kbd>
105is the key itself, and
106<kbd>opt_IP_list</kbd>
107is an optional comma-separated list of IPs
108that are allowed to serve time.
109If
110<kbd>opt_IP_list</kbd>
111is empty,
112any properly-authenticated server message will be
113accepted.
114
115  <p>The
116<kbd>key</kbd>
117may be given in a format
118controlled by the
119<kbd>type</kbd>
120field.
121The
122<kbd>type</kbd>
123<code>MD5</code>
124is always supported.
125If
126<code>ntpd</code>
127was built with the OpenSSL library
128then any digest library supported by that library may be specified.
129However, if compliance with FIPS 140-2 is required the
130<kbd>type</kbd>
131must be either
132<code>SHA</code>
133or
134<code>SHA1</code>.
135
136  <p>What follows are some key types, and corresponding formats:
137
138     <dl>
139<dt><code>MD5</code><dd>The key is 1 to 16 printable characters terminated by
140an EOL,
141whitespace,
142or
143a
144<code>#</code>
145(which is the "start of comment" character).
146
147     <br><dt><code>SHA</code><br><dt><code>SHA1</code><br><dt><code>RMD160</code><dd>The key is a hex-encoded ASCII string of 40 characters,
148which is truncated as necessary.
149</dl>
150
151  <p>Note that the keys used by the
152<code>ntpq(8)</code>
153and
154<code>ntpdc(8)</code>
155programs are checked against passwords
156requested by the programs and entered by hand,
157so it is generally appropriate to specify these keys in ASCII format.
158
159  <p>This section was generated by <strong>AutoGen</strong>,
160using the <code>agtexi-cmd</code> template and the option descriptions for the <code>ntp.keys</code> program.
161This software is released under the NTP license, &lt;http://ntp.org/license&gt;.
162
163<ul class="menu">
164<li><a accesskey="1" href="#ntp_002ekeys-Files">ntp.keys Files</a>:                   Files
165<li><a accesskey="2" href="#ntp_002ekeys-See-Also">ntp.keys See Also</a>:                See Also
166<li><a accesskey="3" href="#ntp_002ekeys-Notes">ntp.keys Notes</a>:                   Notes
167</ul>
168
169<div class="node">
170<p><hr>
171<a name="ntp_002ekeys-Files"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002ekeys-See-Also">ntp.keys See Also</a>,
172Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002ekeys-Notes">ntp.keys Notes</a>
173<br>
174</div>
175
176<h4 class="subsection">ntp.keys Files</h4>
177
178     <dl>
179<dt><span class="file">/etc/ntp.keys</span><dd>the default name of the configuration file
180</dl>
181<div class="node">
182<p><hr>
183<a name="ntp_002ekeys-See-Also"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002ekeys-Notes">ntp.keys Notes</a>,
184Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002ekeys-Files">ntp.keys Files</a>,
185Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002ekeys-Notes">ntp.keys Notes</a>
186<br>
187</div>
188
189<h4 class="subsection">ntp.keys See Also</h4>
190
191<p><code>ntp.conf(5)</code>,
192<code>ntpd(1ntpdmdoc)</code>,
193<code>ntpdate(1ntpdatemdoc)</code>,
194<code>ntpdc(1ntpdcmdoc)</code>,
195<code>sntp(1sntpmdoc)</code>
196<div class="node">
197<p><hr>
198<a name="ntp_002ekeys-Notes"></a>Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002ekeys-See-Also">ntp.keys See Also</a>,
199Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002ekeys-Notes">ntp.keys Notes</a>
200<br>
201</div>
202
203<h4 class="subsection">ntp.keys Notes</h4>
204
205<p>This document was derived from FreeBSD.
206
207</body></html>
208
209